Sonali Bank Lirnited Head Office, . tr Human Resource Develooment Division

Request for Expressaon of Interest for selection of Chief Information Technoloov OfficeríCfTO) in the rank of Generat Manaoer.

The CEO & Managing Director, Sonali Bank Limited invites proposals for providing services as Chief Information Technology Officer (CITO) in the rank of General Manager with full executive power, responsibility and accountability of the Information Technology Division of the Bank from eligible Bangladeshi candidates who must have qualifications and experiences mentioned below:

Education:

. The Candidate must have minimum Bachelor degree in computer science/ computer engineering/ lCTl Applied Physics &. Electronics/ Electrical & Electronics Engineering from any reputed university. o Post graduate degrees in ICT or MBA/M.Com in Finance/ Management / Accounting will be treated as additional qualifications.

Experience:

o The candidate must have at least l0 years of progressively more responsible experience preferably in a reputed bank or financial institution having on-line system that provides the technical & administrative knowledge to manage information technology operations and including demonstrated successful senior management experience and strong understanding of the enterprise wide functions of an information and communication division.

o He/she should be proficient in translating banking business into technological solutions.

o Substantial exposure to data processing, hardware platforms, enterprise software applications and outsourced systems.

o Experience with systems design and development from business requirements analysis through day-to-day management.

o Excellent written and oral communication skills.

o Ability to present ideas in business-friendly and user-friendly language.

o Experience of Core Banking Solution, Intemet Banking Mobile Banking; ATM & POS, BATCFI, BEFTN etc will be prefened.

Sonali Bank Limited is the largest commercial bank of the country, emerged as a limited company on 03.06.2007 by way of registering with the Registrar of the Joint Stock Companies & Firms in Dhaka.

The Bank has started computerizing its branches since 1989 using Stand Alone Banking Application Software. The Bank has a total of 1210 branches at home and abroad including 02(two) overseas branches at and in India. Besides the Bank has joint ventures and subsidiaries/sister concerns in the name of (a) Sonali Bank (tIK) Ltd. in UK (b) Sonali Exchange Company Inc. to act as an International Money Transmitter in USA. and (c) Sonali Polaris FT Limited, associate company of the Bank entrusted in implementing CBS in the bank.

Rec Notice CITO-2017 (For Website) Page-1-ofS for its Sonali Bank Limited has been using Information Technology (IT) extensively is given day to day business oPerations. e Uiief IT implementation status of the Bank below:

sl. Areal Subject Total Number No. I fotal number of Home Branches: 1208 2 No. of CBS Branches: 818 J No. of Non CBS Branches 390 ( Distributed Banking Application) 4 Total number of EmPIoYees: 19,817 A few are: - I (Remittance Management System) o RMS+ | o CRMS+ (Customer Remittance Managementl

System) I In-house Application Software (60 o Sonali Sheba (e-service-tax and others) +) o Govt. Transaction System . Sanchay patra 5 | . Pension paying System | . Chest Branch Currency Management I Svrtem (CCMS) | . Sonali Banking Solutions (Branch I gunking Application software) | . SBEFTN etc. 6 3rd Party Application Software . CBS - Sonali Polaris FT Limited . Branch Banking Application software - (Beximco computers, Infinity Technology Int. Ltd, Desktop Computers Limited) o SWIFT o Card Management Software etc.

In order to expedite the process of computerization in the Bank, to explore new business business opportunities by uiing state of art technology, to achieve sustainable in the growth, survival in a competitive environment and for implementation of CBS and business Éank, íh. Authority desires to engage a CITO having sound IT, Banking may be knowledge. He/shé will exercise executive power of a General Manager as delegated by the Board of Directors of the Bank' The CITO,s role is to provide vision and leadership for developing and implementing information technology initiutires. The CITO directs the planning and implementation to improve cost of enterprise IT ryrt..r in support of business operations in order responsible effectiven.rr, ,.*i.e quality unà b.rsiness development. This individual is technology and for all aspects of the orgànization's new and existing information systems.

KEY JOB RESPONSIBILITIES :

of the IT Ot'P.*iOe guidance to the Bank's IT team for successful implementation related recommendations ma4§ ly the Oti best practices in-the field of IT .u. uï *.ll * th. pópt. *ort ing in the branches of (c-BS) including the Bank in ongoing implementation of core Banking solution Agent Banking' POS' Alternative DeliveriChannels like ATM, Mobile Banking, Internet Banking etc. in the Bank' ers/staffs about CBS

Page - 2 - of5 Rec Notice CITO-2O17 (For Website) 05.Provide leadership in ongoing implementation of Core IT platform, managing existing systems and initiating changes that might be needed to conform to

06. Evaluate user needs and system functionality and ensure that ICT facilities meet these needs and to ensure the smooth running of all ICT systems including anti- virus software, print services and email 07. Help the Bank to implement IT strategy; create appropriate policies and practices for disaster management planning; develop policies and procedures for outsourcing develop Bank-wide MIS poli 08. Provide visionary leadership in developing a sound management system for effective integration of the information systems. 09. Help the bank to develop the IT infrastructure of the Bank and to extend IT literacy amons bank officers/staffs. l0.Conduct cost benefit analysis, taking into consideration associated risks and security aspects in selecting appropriate hardware, software and other ancillary for the Bank. I l. Collaborate with planning and coordinating process of the bank with information & communication technolosv services. 12. Analyze the adequacy of hardware, software and network equipment in the Bank's DC (Data Centre) and DRS (Disaster Recovery Site) and Review the readiness of Data Centre (DC) and Disaster Recovery Site (DRS) for implementation of Centralized IT systems of the Bank. l3.Play key role in supporting the achievement of the business goals and to optimize the policies and procedures relating to IT operations: to diagnose potential area of

14. Ensure effective data management and service and ensure statutory compliance of all IT services systems. 15.Advise to provide secured access to the Bank's network system for remote users administer thereof. l6.Maintain up to date knowledge in respect of relevant state-of-the-art technology,

lT.Introduce an eff,rcient centralized MIS for the Bank. lS.Review the SLAs (Service Level Agreement) that were executed or waiting for execution with the different hardware & software vendors and to take appropriate so that CBS can round the clock smoothl l9.Play key role in preparation of operational Manuals and implementation Manuals for the IT related policy/regulations (i.e. IT system Audit manual, IT security cy etc.) for the Bank. 20. Play a key role in developing Information Security/Information Systems Security best practices for the Bank and overseeing training of employees to follow information security policies and develop information security awareness. 2l.Review IT policy and ICT security policy of the Bank and provide guidance and on for updating the same. 22.Arrange Cyber Security Governance under supervision of Board of Directors. 23. Evaluate Cyler Security Risks. Make plan to encounter cyber or technical attack 24.Carcy out assessment of technological weakness and to prepare crisiJmanagement

25. Make plan to face risks that may arise from services of third partv- 26.TakeupawarenessandtrainingprogramonCybersecu.it@ staff of the Bank. 27.Take initiative for increasing awareness among gank on orli* "rsto-er 28.Setup24X7activeInformationSecurityoperationCentrefo@ on line systems round-the-clock. 29.Take initiative for PCI-DSS certification. 30.CollectandpreSerVeatleastthreemonthsperimetersa,d.o.@ and mission critical servers.

Rec Notice CITO-2017 (For Website) Page-3-ofS 31. Comply with ICT Act of Government, Guidelines on Internal Confrol & Compliance in Banks of , the Intemal Control & Compliance Policy of Sonali Bank Limited, the Guideline on ICT Security for Banks and Non- Bank Financial Institutions of Bangladesh Bank, Information and Communication Technology (ICT) Policy of Sonali Bank Limited, related circulars issued time to time by Sonali Bank Limited and its regulatory authorities. In addition to that ensuring IT Audit & Inspection works to be carried out consistently and efÏiciently and in accordance with ISO 27000 series, Supreme Audit Institution of Bangladesh (SAIB), Intemational Organization of Supreme Audit Institution (ASOSAI), Information System Audit and Control Association (ISACA) and other recognized International standards and guidelines as and when required/applicable for future ICT operation risk and threat. 32. Conduct all activities related to formation and updating of ICT Audit & Inspection policy, planning, manual, guidelines and directories of the Department. 33.Advise to conduct different types of audits on ICT related activities in all domestic and overseas branches and its sister eoncern companies according to the annual audit &. inspection plan (subject to the approval of the concerned authority) 34. Guide to conduct all kinds of audit/inspection/investigation and reporting, instructed/advised/demanded by the Bank's regulatory bodies, BoD/ACBoD/ MANCOIVI/CEO &. MD on ICT related Fraud and Forgery/EmbezzlemeníSerious IrregularitiesAvlalpractice or measuring the magnitude of financial loss and risks in the concerned matter and place it before the hieher authority. 35.Prepare and present informationireporíBoard Memo on audit and inspection conducted by the Department following the order of higher authorities and execute activities upon checking the information/report and necessary steps to implement the decisions accordingly. 36.Provide necessary datalinformation/report of ICT audit and inspection to the GovernmeníSemi-governmeníAutonomous bodies/Competent authorities as per their demand and interpreVreply/explain/recommend/opinions against their queries through proper channel. 37.Follow up audit findings to ensure that management has taken corrective action(s). 38.Advise general and application control reviews for simple to complex computer information systems and to manage crisis situations that may involve complex technical hardware or software problems. 39. Detect data integrity, secrecy and security from internal and external manipulation, attacks and threats. 40. Ensure & advise proper maintenance and development of computerized audit software and users adherence to software licensing laws. 4l.Coordinate and interact with external auditors, administrators, faculty, staff and law enforcement officials as appropriate; may be 42. Advise to assist and impart training to other audit staffs in the use of computerized audit techiriques and in developing methods for review and analysis

of computerized information systems I 43. Accomplishes financial objectives by forecasting requirements; preparing an annual budget; scheduling expenditures etc U ptay vital role and take proper steps to customize the CBS application as per Request for Proposal (RFP), RFP response and Product Fitment Document (PFD). 45. Coilabo.ute *ith Division/Department Heads to enhance efficiencies within their areas through technological support. 463..form any other jobs as and when assigned by the competent authority(s).

The CITO will report & work in close consultation with the concerned Deputy Managing Director and CEO & Managing Director of the Bank.

Rec Notice CITO-2017 (For Website) Page-4-ofS Tenure: Initially Two years Remuneration: Negotiable and consistent with other Banks' remuneration packages for similar job. Complete application must be submitted to the following address by 18/0412017. The application must have detailed curriculum vitae with a recent photograph, copies of all academic and experience certificate, contact addresses (mail address, e-mail, telephones), an appreciation of the assignment in one page and expected monthly remuneration. Only short listed candidates shall be contacted for interview.

Bank reserves the right to accept or reject any application or annul the process without assigning any reason.

General Manager Sonali Bank Limited Human Resource Development Division Head Office, Dhaka. Phone: 9564136

Rec Notice CITO-2017 (For Website) Page - 5 - of5